The invention relates to a Web malicious code detection method and system. The method comprehensively detects and determines whether Web malicious code exists, based on a Web application source code database, a malicious code feature database, webpage code behavior analysis, a white list and manual analysis. The system comprises a malicious code detection agent module, a malicious code detection server white list module, a source code database query and detection module, a malicious code feature detection module, a malicious code behavior detection module, a detection result determination and alarm module, a detection result query module and a management module. According to the invention, through the combined application of the Web application source code database, the malicious code feature database, webpage code behavior analysis, the white list and manual analysis, the problem of missed alarms in malicious code detection can be effectively solved, the accuracy of malicious code detection is improved, the inherent trade-off between the false alarm rate and the missed alarm rate in the malicious code detection process is balanced, and the response efficiency of the malicious code detection process is optimized.